FALLCHILL (ea47f1fd-0171-4254-8c92-92b7a5eec5e1)
FALLCHILL is a RAT that has been used by Lazarus Group since at least 2016 to target the aerospace, telecommunications, and finance industries. It is usually dropped by other Lazarus Group malware or delivered when a victim unknowingly visits a compromised website. [US-CERT FALLCHILL Nov 2017]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Lazarus Group (0bc66e95-de93-4de7-b415-4041b7191f08) | Tidal Groups | FALLCHILL (ea47f1fd-0171-4254-8c92-92b7a5eec5e1) | Tidal Software | 1 |